<?php
/*
 * [JINYUN!] (C)2001-2099 Jinyunweb.com
 * This is NOT a freeware, use is subject to license terms
 * $Id: 2017-12-13 03:39:35 apple $
*/
defined('BY_JYA') or exit('error');
$_RQ['op']=$_RQ['op']?$_RQ['op']:'get';
cfc('core')->checklogin();
$tabs=array(
	array('op'=>'get','title'=>'修改密码'),
);
set_html('tabs',$tabs);
$return=array();
if($_RQ['op']=='get'){
	$item=pdo_get('core_members',array('id'=>$_SESSION['uid']),array('username','password'));
	$return['item']=$item;
	if($item['password']){
		$return['has_pw']=true;
	}
	if($_SESSION['os']=='windows'){
		$return['htmls']=array(
			'type'=>'edit',
			'post'=>'post',
			'edit'=>array(
				array('type'=>'string','name'=>'username','title'=>'我的账号'),
				array('type'=>'password','name'=>'pw','title'=>'原密码'),
				array('type'=>'password','name'=>'pw1','title'=>'新密码'),
				array('type'=>'password','name'=>'pw2','title'=>'再次输入新密码'),
			),
		);
	}
	exi($return);
}
if($_RQ['op']=='post'){
	$post=get_postdata();
	if(!$post['username'] || !$post['pw1'] || !$post['pw2']){
		exi('请先设置好相关参数再提交！','error');
	}
	$item=pdo_get('core_members',array('id'=>$_SESSION['uid']),array('username','password','salt'));
	$update=array();
	if(!$post['username']){
		exi('账号不能为空！','error');
	}
	$uid=pdo_getcolumn('core_members',array('username'=>$post['username'],'uniacid'=>$_SESSION['uniacid']),'id');
	if($uid){
		if($uid!=$_SESSION['uid']){
			exi('账号已存在，请更换！','error');
		}
	}else{
		$update['username']=$post['username'];
	}
	if($item['password']){
		if(!$post['pw']){
			exi('请输入原密码！','error');
		}
		$pw=get_password($post['pw'],$item['salt']);
		if($pw!=$item['password']){
			exi('原密码错误！','error');
		}
	}
	//修改密码
	if($post['pw1'] != $post['pw2']){
		exi('两次输入账号密码不一致！','error');
	}
	$salt=random(10);
	$update['password']=get_password($post['pw1'],$salt);
	$update['salt']=$salt;
	pdo_update('core_members',$update,array('id'=>$_SESSION['uid'],'uniacid'=>$_SESSION['uniacid']));
	exi('操作成功！','','goback');
}